Firewall
If you can't see your website or access your cPanel login page, (or your email software "cannot connect to server") you or someone at your location may have triggered the security system due to failed logins or exceeding certain access rules, causing you to be be Fire-walled.
Log into your Account from the location having access issues. If you or someone at your location caused the Firewall to trigger you will see a Pop-up Notice like the one shown below which will display why you were blocked and automatically unblock your IP address from the server firewall.
Alternately you can go to the Firewall under the Support Menu at any time to confirm the IP address of your locations for all servers that effect the Hosting or Email Servers that you have.
NOTE: If you do accidentally get Fire-walled, your server will continue to function and display your website and accept inbound emails and will only appear down from your location's IP address until you reset it. You can verify its online by viewing it through a web proxy which uses a different ip such as kproxy.com
Remote Location Firewalled: If you are not at the location being blocked then you should be able to see the website and connect to the email server as normal. If you wish to allow someone from a remote location or office the ability to check and self unblock simply create a new Sub-Account user, enable it and assign it a password but DO NOT approve any of the notification or permission checkboxes. You can use any email and password even make up an email ie: unblock@firewall.com and assign it a simple password ie: 12345 and then provide that to the remote staff who can then login to the Account Portal at help.yourdomain.com and view the firewall notice and self unblock their location IP without the ability to modify or view other critical information.
Security Systems Protect Your Server
Your server is under constant attack by hackers and spammers from all over the world trying to break into our systems 24/7 and our automated security systems are crucial to protect your accounts. The same ports that must be open to allow you to use Email, FTP and log into cPanel may be accessed by Hackers trying to guess common passwords, scan ports or execute brute force attacks and the firewall blocks them out automatically behind the scenes.
Common Firwall Triggers
Failed IMAP login from xx.xxx.xxx.xxxxx (your ip address) (US/United States/City/State/-): 10 in the last 300 secs - Tue Feb 2 08:40:10 2016
Imap is used for reading email so you have some system (usually one of your computers or a phone connected to your local wifi network ) thats checking one or more email accounts on your server and one of them is failing. Each email account comprises an email name, password , protocol and port which must be correct to connect to the server.
This kind of error commonly happens when people have their computer setup to check email for a few accounts, and they remove an email account from the server or change the email account password but forget to remove it from their computer software (or update the accounts password in the software) that is set to auto login which will repeatedly fail.
The Frequency of Failure is also a factor in triggering the Firewall. 10 in the last 300 secs means 10 failures occurred within 5 minutes so the server thinks your a hacker and blocks your ip. This could mean you have your email software set to auto check every minute and if it is set to check 2 or more email account then it is connecting 10 times in 5 minutes. It could also mean you have multiple computers each set to check the same emails and both are inducing failures.
Check any software and instead of allowing automatic sequential checking of your server emails manually check each email for new email and identify the account that fails and set it with the correct settings until it connects and authenticates without failure. then revert your software to automatically checking. Note if you have multiple computers each checking different email accounts you can trigger a different kind of firewall error for too many connections per minute so make sure you compensate by checking less frequently from 1 minute to 10 or 30 minutes. Remember auto checking for email don't do you any good if your not actually sitting at the workstation you can just as easily turn auto checking off on your email client software and check manually.
Failed SMTP AUTH login from XX.XXX.XXXX.XXXX (your ip address) (US/United States/City/State/-): 10 in the last 300 secs - Wed Feb 24 12:24:24 2016 SMTP is used by your software or device to connect to the server and send email. This failure means you have some system (usually one of your computers or a phone connected to your local wifi network ) that you use to send email via one or more of your email accounts that is not using correct password or connecting and trying to send email for a non existant email account.
Failed FTP login from XX.XXX.XXXX.XXXX (your ip address) (US/United States/City/State/-): 10 in the last 300 secs - Mon Feb 22 09:48:22 2016
FTP is used by your software to connect to the server and upload or download files. This failure means your software is not using correct FTP Username or Password or Submitting a non existant FTP account.
What To Do If You Keep Getting Fire-walled
The self-unblock feature of the firewall allows you to immediately remove the block so that you can fix the underlying cause. If you keep getting fire-walled, then we suggest the next time the firewall occurs do NOT reset it, and instead open a support ticket and explain that it keeps occurring and describe the configuration of the effected system. For example, if it says 'too many SMTP connections', explain how many people have computers or devices checking email. If it says 'failed cPanel logins', explain who has access to your system and from what IP addresses, and our staff will offer advice on what you can change within your configuration or systems to resolve the underlying cause once and for all.